sl_def(sha_main_inner, void,
sl_glparm(const uint32_t*restrict, w),
sl_shparm(unsigned long, a),
sl_shparm(unsigned long, b),
sl_shparm(unsigned long, c),
sl_shparm(unsigned long, d),
sl_shparm(unsigned long, e))
{
sl_index(i);
uint32_t d = sl_getp(d);
uint32_t e = sl_getp(e);
sl_setp(e, d);
uint32_t c = sl_getp(c);
sl_setp(d, c);
uint32_t b = sl_getp(b);
sl_setp(c, ROL32(b, 30));
uint32_t a = sl_getp(a);
sl_setp(b, a);
uint32_t tmp = ROL32(a, 5) + e + sl_getp(w)[i];
if (i < 20) {
tmp += (b & c) | ((~b) & d);
tmp += 0x5A827999L;
} else if (i < 40) {
tmp += (b ^ c ^ d);
tmp += 0x6ED9EBA1L;
} else if (i < 60) {
tmp += (b & c) | (b & d) | (c & d);
tmp += 0x8F1BBCDCL;
} else {
tmp += (b ^ c ^ d);
tmp += 0xCA62C1D6L;
}
sl_setp(a, tmp);
}
error_t rc6Init(Rc6Context *context, const uint8_t *key, size_t keyLength)
{
uint_t c;
uint_t i;
uint_t j;
uint_t s;
uint_t v;
uint32_t a;
uint32_t b;
//Invalid key length?
if(keyLength > RC6_MAX_KEY_SIZE)
return ERROR_INVALID_KEY_LENGTH;
//Convert the secret key from bytes to words
memset(context->l, 0, RC6_MAX_KEY_SIZE);
memcpy(context->l, key, keyLength);
//Calculate the length of the key in words
c = (keyLength > 0) ? (keyLength + 3) / 4 : 1;
//Initialize the first element of S
context->s[0] = P32;
//Initialize array S to a particular fixed pseudo random bit pattern
for(i = 1; i < (2 * RC6_NB_ROUNDS + 4); i++)
context->s[i] = context->s[i - 1] + Q32;
//Initialize variables
i = 0;
j = 0;
a = 0;
b = 0;
//Number of iterations
v = 3 * MAX(c, 2 * RC6_NB_ROUNDS + 4);
//Key expansion
for(s = 0; s < v; s++)
{
context->s[i] += a + b;
context->s[i] = ROL32(context->s[i], 3);
a = context->s[i];
context->l[j] += a + b;
context->l[j] = ROL32(context->l[j], (a + b) % 32);
b = context->l[j];
if(++i >= (2 * RC6_NB_ROUNDS + 4))
i = 0;
if(++j >= c)
j = 0;
}
//No error to report
return NO_ERROR;
}
void AES128::iShiftRows( unsigned char *m )
{
register unsigned int * m32 = ( unsigned int * ) m;
// m32[0] = ROL32(m32[0], 0);
m32[ 1 ] = ROL32( m32[ 1 ], 8 );
m32[ 2 ] = ROL32( m32[ 2 ], 16 );
m32[ 3 ] = ROL32( m32[ 3 ], 24 );
}
void rc6DecryptBlock(Rc6Context *context, const uint8_t *input, uint8_t *output)
{
uint_t i;
uint32_t t;
uint32_t u;
//Load the 4 working registers with the ciphertext
uint32_t a = LOAD32LE(input + 0);
uint32_t b = LOAD32LE(input + 4);
uint32_t c = LOAD32LE(input + 8);
uint32_t d = LOAD32LE(input + 12);
//First, update C and A
c -= context->s[2 * RC6_NB_ROUNDS + 3];
a -= context->s[2 * RC6_NB_ROUNDS + 2];
//Apply 20 rounds
for(i = RC6_NB_ROUNDS; i > 0; i--)
{
t = d;
d = c;
c = b;
b = a;
a = t;
u = (d * (2 * d + 1));
u = ROL32(u, 5);
t = (b * (2 * b + 1));
t = ROL32(t, 5);
c -= context->s[2 * i + 1];
c = ROR32(c, t % 32) ^ u;
a -= context->s[2 * i];
a = ROR32(a, u % 32) ^ t;
}
//Update D and B
d -= context->s[1];
b -= context->s[0];
//The resulting value is the plaintext
STORE32LE(a, output + 0);
STORE32LE(b, output + 4);
STORE32LE(c, output + 8);
STORE32LE(d, output + 12);
}
void rc6EncryptBlock(Rc6Context *context, const uint8_t *input, uint8_t *output)
{
uint_t i;
uint32_t t;
uint32_t u;
//Load the 4 working registers with the plaintext
uint32_t a = LOAD32LE(input + 0);
uint32_t b = LOAD32LE(input + 4);
uint32_t c = LOAD32LE(input + 8);
uint32_t d = LOAD32LE(input + 12);
//First, update B and D
b += context->s[0];
d += context->s[1];
//Apply 20 rounds
for(i = 1; i <= RC6_NB_ROUNDS; i++)
{
t = (b * (2 * b + 1));
t = ROL32(t, 5);
u = (d * (2 * d + 1));
u = ROL32(u, 5);
a ^= t;
a = ROL32(a, u % 32) + context->s[2 * i];
c ^= u;
c = ROL32(c, t % 32) + context->s[2 * i + 1];
t = a;
a = b;
b = c;
c = d;
d = t;
}
//Update A and C
a += context->s[2 * RC6_NB_ROUNDS + 2];
c += context->s[2 * RC6_NB_ROUNDS + 3];
//The resulting value is the ciphertext
STORE32LE(a, output + 0);
STORE32LE(b, output + 4);
STORE32LE(c, output + 8);
STORE32LE(d, output + 12);
}
__inline
VOID
HwMICBlock(
PULONG L,
PULONG R
)
{
*R ^= ROL32(*L, 17);
*L += *R;
*R ^= ((*L & 0xff00ff00) >> 8) | ((*L & 0x00ff00ff) << 8);
*L += *R;
*R ^= ROL32(*L, 3);
*L += *R;
*R ^= ROR32(*L, 2);
*L += *R;
}
static void s_vAppendByte(BYTE b)
{
/* Append the byte to our word-sized buffer */
M |= b << (8*nBytesInM);
nBytesInM++;
/* Process the word if it is full. */
if (nBytesInM >= 4) {
L ^= M;
R ^= ROL32(L, 17);
L += R;
R ^= ((L & 0xff00ff00) >> 8) | ((L & 0x00ff00ff) << 8);
L += R;
R ^= ROL32(L, 3);
L += R;
R ^= ROR32(L, 2);
L += R;
/* Clear the buffer */
M = 0;
nBytesInM = 0;
}
static VOID s_vAppendByte (BYTE b)
{
M |= b << (8*nBytesInM);
nBytesInM++;
if( nBytesInM >= 4 )
{
L ^= M;
R ^= ROL32( L, 17 );
L += R;
R ^= ((L & 0xff00ff00) >> 8) | ((L & 0x00ff00ff) << 8);
L += R;
R ^= ROL32( L, 3 );
L += R;
R ^= ROR32( L, 2 );
L += R;
M = 0;
nBytesInM = 0;
}
unsigned int AES128::RolSubByte( unsigned int n )
{
n = ROL32( n, 8 );
unsigned char *b = ( unsigned char * ) & n;
b[ 0 ] = S[ b[ 0 ] ];
b[ 1 ] = S[ b[ 1 ] ];
b[ 2 ] = S[ b[ 2 ] ];
b[ 3 ] = S[ b[ 3 ] ];
return n;
}
static uint16_t ideaMul(uint16_t a, uint16_t b)
{
uint32_t c = a * b;
if(c)
{
c = (ROL32(c, 16) - c) >> 16;
return (c + 1) & 0xFFFF;
}
else
{
return (1 - a - b) & 0xFFFF;
VOID mic_appendByte(PMICHAEL_T pmic,UINT8 b )
{
// Append the byte to our word-sized buffer
pmic->M |= b << (8*pmic->nBytesInM);
pmic->nBytesInM++;
// Process the word if it is full.
if( pmic->nBytesInM >= 4 )
{
pmic->L ^= pmic->M;
pmic->R ^= ROL32( pmic->L, 17 );
pmic->L += pmic->R;
pmic->R ^= ((pmic->L & 0xff00ff00) >> 8) | ((pmic->L & 0x00ff00ff) << 8);
pmic->L += pmic->R;
pmic->R ^= ROL32( pmic->L, 3 );
pmic->L += pmic->R;
pmic->R ^= ROR32( pmic->L, 2 );
pmic->L += pmic->R;
// Clear the buffer
pmic->M = 0;
pmic->nBytesInM = 0;
}
/*
========================================================================
Routine Description:
Calculate the MIC Value.
Arguments:
pAd Pointer to our adapter
uChar Append this uChar
Return Value:
None
IRQL = DISPATCH_LEVEL
Note:
========================================================================
*/
void RTMPTkipAppendByte(struct rt_tkip_key_info *pTkip, u8 uChar)
{
/* Append the byte to our word-sized buffer */
pTkip->M |= (uChar << (8 * pTkip->nBytesInM));
pTkip->nBytesInM++;
/* Process the word if it is full. */
if (pTkip->nBytesInM >= 4) {
pTkip->L ^= pTkip->M;
pTkip->R ^= ROL32(pTkip->L, 17);
pTkip->L += pTkip->R;
pTkip->R ^=
((pTkip->L & 0xff00ff00) >> 8) | ((pTkip->
L & 0x00ff00ff) << 8);
pTkip->L += pTkip->R;
pTkip->R ^= ROL32(pTkip->L, 3);
pTkip->L += pTkip->R;
pTkip->R ^= ROR32(pTkip->L, 2);
pTkip->L += pTkip->R;
/* Clear the buffer */
pTkip->M = 0;
pTkip->nBytesInM = 0;
}
void serpent256_set_key(const unsigned char *key, serpent256_key *skey)
{
u32 W[140], i;
mincpy(W, key, SERPENT_KEY_SIZE);
for(i = 8; i != 140; ++i) {
W[i] = ROL32(W[i-8] ^ W[i-5] ^ W[i-3] ^ W[i-1] ^ PHI ^ (i-8), 11);
}
for (i = 8; i <= 136; i += 4) {
se_tab[7 - (((i / 4) + 2) % 8)](&W[i]);
}
mincpy(skey->expkey, W+8, SERPENT_EXPKEY_WORDS*sizeof(u32));
}
/*
========================================================================
Routine Description:
Calculate the MIC Value.
Arguments:
pAd Pointer to our adapter
uChar Append this uChar
Return Value:
None
IRQL = DISPATCH_LEVEL
Note:
========================================================================
*/
VOID RTMPTkipAppendByte(
IN PTKIP_KEY_INFO pTkip,
IN UCHAR uChar)
{
/* Append the byte to our word-sized buffer */
pTkip->M |= (uChar << (8* pTkip->nBytesInM));
pTkip->nBytesInM++;
/* Process the word if it is full. */
if( pTkip->nBytesInM >= 4 )
{
pTkip->L ^= pTkip->M;
pTkip->R ^= ROL32( pTkip->L, 17 );
pTkip->L += pTkip->R;
pTkip->R ^= ((pTkip->L & 0xff00ff00) >> 8) | ((pTkip->L & 0x00ff00ff) << 8);
pTkip->L += pTkip->R;
pTkip->R ^= ROL32( pTkip->L, 3 );
pTkip->L += pTkip->R;
pTkip->R ^= ROR32( pTkip->L, 2 );
pTkip->L += pTkip->R;
/* Clear the buffer */
pTkip->M = 0;
pTkip->nBytesInM = 0;
}
VOID RTMPTkipAppendByte(
IN PTKIP_KEY_INFO pTkip,
IN UCHAR uChar)
{
pTkip->M |= (uChar << (8* pTkip->nBytesInM));
pTkip->nBytesInM++;
if( pTkip->nBytesInM >= 4 )
{
pTkip->L ^= pTkip->M;
pTkip->R ^= ROL32( pTkip->L, 17 );
pTkip->L += pTkip->R;
pTkip->R ^= ((pTkip->L & 0xff00ff00) >> 8) | ((pTkip->L & 0x00ff00ff) << 8);
pTkip->L += pTkip->R;
pTkip->R ^= ROL32( pTkip->L, 3 );
pTkip->L += pTkip->R;
pTkip->R ^= ROR32( pTkip->L, 2 );
pTkip->L += pTkip->R;
pTkip->M = 0;
pTkip->nBytesInM = 0;
}
sl_enddef
sl_def(sha_main_outer, void,
sl_glparm(const uint32_t*restrict, input),
sl_shparm(unsigned long, h0),
sl_shparm(unsigned long, h1),
sl_shparm(unsigned long, h2),
sl_shparm(unsigned long, h3),
sl_shparm(unsigned long, h4))
{
sl_index(offset_base);
int i;
const uint32_t*restrict input = sl_getp(input) + offset_base;
/* word extension: not easily made concurrent! */
uint32_t w[80];
sl_create(,PLACE_LOCAL,,16,,,, buf_copy,
sl_glarg(const uint32_t*restrict, src, input),
sl_glarg(uint32_t*restrict, dst, w));
sl_sync();
// for (i = 0; i < 16; ++i) w[i] = input[i];
for (i = 16; i < 80; ++i) {
uint32_t x = w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16];
w[i] = ROL32(x, 1);
}
sl_create(,,,80,,,, sha_main_inner,
sl_glarg(const uint32_t*restrict, wg, w),
sl_sharg(unsigned long, a),
sl_sharg(unsigned long, b),
sl_sharg(unsigned long, c),
sl_sharg(unsigned long, d),
sl_sharg(unsigned long, e));
sl_seta(a, sl_getp(h0));
sl_seta(b, sl_getp(h1));
sl_seta(c, sl_getp(h2));
sl_seta(d, sl_getp(h3));
sl_seta(e, sl_getp(h4));
sl_sync();
sl_setp(h0, sl_getp(h0) + sl_geta(a));
sl_setp(h1, sl_getp(h1) + sl_geta(b));
sl_setp(h2, sl_getp(h2) + sl_geta(c));
sl_setp(h3, sl_getp(h3) + sl_geta(d));
sl_setp(h4, sl_getp(h4) + sl_geta(e));
}
void KeccakP1600_12_StatePermute(void *state)
{
{
UINT32 Da0, De0, Di0, Do0, Du0;
UINT32 Da1, De1, Di1, Do1, Du1;
UINT32 Ca0, Ce0, Ci0, Co0, Cu0;
UINT32 Cx, Cy, Cz, Cw;
#define Ba Ca0
#define Be Ce0
#define Bi Ci0
#define Bo Co0
#define Bu Cu0
const UINT32 *pRoundConstants = KeccakP160012RoundConstants_int2;
UINT32 *stateAsHalfLanes = (UINT32*)state;
#define Aba0 stateAsHalfLanes[ 0]
#define Aba1 stateAsHalfLanes[ 1]
#define Abe0 stateAsHalfLanes[ 2]
#define Abe1 stateAsHalfLanes[ 3]
#define Abi0 stateAsHalfLanes[ 4]
#define Abi1 stateAsHalfLanes[ 5]
#define Abo0 stateAsHalfLanes[ 6]
#define Abo1 stateAsHalfLanes[ 7]
#define Abu0 stateAsHalfLanes[ 8]
#define Abu1 stateAsHalfLanes[ 9]
#define Aga0 stateAsHalfLanes[10]
#define Aga1 stateAsHalfLanes[11]
#define Age0 stateAsHalfLanes[12]
#define Age1 stateAsHalfLanes[13]
#define Agi0 stateAsHalfLanes[14]
#define Agi1 stateAsHalfLanes[15]
#define Ago0 stateAsHalfLanes[16]
#define Ago1 stateAsHalfLanes[17]
#define Agu0 stateAsHalfLanes[18]
#define Agu1 stateAsHalfLanes[19]
#define Aka0 stateAsHalfLanes[20]
#define Aka1 stateAsHalfLanes[21]
#define Ake0 stateAsHalfLanes[22]
#define Ake1 stateAsHalfLanes[23]
#define Aki0 stateAsHalfLanes[24]
#define Aki1 stateAsHalfLanes[25]
#define Ako0 stateAsHalfLanes[26]
#define Ako1 stateAsHalfLanes[27]
#define Aku0 stateAsHalfLanes[28]
#define Aku1 stateAsHalfLanes[29]
#define Ama0 stateAsHalfLanes[30]
#define Ama1 stateAsHalfLanes[31]
#define Ame0 stateAsHalfLanes[32]
#define Ame1 stateAsHalfLanes[33]
#define Ami0 stateAsHalfLanes[34]
#define Ami1 stateAsHalfLanes[35]
#define Amo0 stateAsHalfLanes[36]
#define Amo1 stateAsHalfLanes[37]
#define Amu0 stateAsHalfLanes[38]
#define Amu1 stateAsHalfLanes[39]
#define Asa0 stateAsHalfLanes[40]
#define Asa1 stateAsHalfLanes[41]
#define Ase0 stateAsHalfLanes[42]
#define Ase1 stateAsHalfLanes[43]
#define Asi0 stateAsHalfLanes[44]
#define Asi1 stateAsHalfLanes[45]
#define Aso0 stateAsHalfLanes[46]
#define Aso1 stateAsHalfLanes[47]
#define Asu0 stateAsHalfLanes[48]
#define Asu1 stateAsHalfLanes[49]
do
{
// --- Code for 4 rounds
// --- using factor 2 interleaving, 64-bit lanes mapped to 32-bit words
KeccakAtoD_round0();
Ba = (Aba0^Da0);
Be = ROL32((Age0^De0), 22);
Bi = ROL32((Aki1^Di1), 22);
Bo = ROL32((Amo1^Do1), 11);
Bu = ROL32((Asu0^Du0), 7);
Aba0 = Ba ^((~Be)& Bi );
Aba0 ^= *(pRoundConstants++);
Age0 = Be ^((~Bi)& Bo );
Aki1 = Bi ^((~Bo)& Bu );
Amo1 = Bo ^((~Bu)& Ba );
Asu0 = Bu ^((~Ba)& Be );
Ba = (Aba1^Da1);
Be = ROL32((Age1^De1), 22);
Bi = ROL32((Aki0^Di0), 21);
Bo = ROL32((Amo0^Do0), 10);
Bu = ROL32((Asu1^Du1), 7);
Aba1 = Ba ^((~Be)& Bi );
Aba1 ^= *(pRoundConstants++);
Age1 = Be ^((~Bi)& Bo );
Aki0 = Bi ^((~Bo)& Bu );
Amo0 = Bo ^((~Bu)& Ba );
Asu1 = Bu ^((~Ba)& Be );
Bi = ROL32((Aka1^Da1), 2);
Bo = ROL32((Ame1^De1), 23);
Bu = ROL32((Asi1^Di1), 31);
Ba = ROL32((Abo0^Do0), 14);
Be = ROL32((Agu0^Du0), 10);
Aka1 = Ba ^((~Be)& Bi );
Ame1 = Be ^((~Bi)& Bo );
Asi1 = Bi ^((~Bo)& Bu );
Abo0 = Bo ^((~Bu)& Ba );
Agu0 = Bu ^((~Ba)& Be );
Bi = ROL32((Aka0^Da0), 1);
Bo = ROL32((Ame0^De0), 22);
Bu = ROL32((Asi0^Di0), 30);
Ba = ROL32((Abo1^Do1), 14);
Be = ROL32((Agu1^Du1), 10);
Aka0 = Ba ^((~Be)& Bi );
Ame0 = Be ^((~Bi)& Bo );
Asi0 = Bi ^((~Bo)& Bu );
Abo1 = Bo ^((~Bu)& Ba );
Agu1 = Bu ^((~Ba)& Be );
Bu = ROL32((Asa0^Da0), 9);
Ba = ROL32((Abe1^De1), 1);
Be = ROL32((Agi0^Di0), 3);
Bi = ROL32((Ako1^Do1), 13);
Bo = ROL32((Amu0^Du0), 4);
Asa0 = Ba ^((~Be)& Bi );
Abe1 = Be ^((~Bi)& Bo );
Agi0 = Bi ^((~Bo)& Bu );
Ako1 = Bo ^((~Bu)& Ba );
Amu0 = Bu ^((~Ba)& Be );
Bu = ROL32((Asa1^Da1), 9);
Ba = (Abe0^De0);
Be = ROL32((Agi1^Di1), 3);
Bi = ROL32((Ako0^Do0), 12);
Bo = ROL32((Amu1^Du1), 4);
Asa1 = Ba ^((~Be)& Bi );
Abe0 = Be ^((~Bi)& Bo );
Agi1 = Bi ^((~Bo)& Bu );
Ako0 = Bo ^((~Bu)& Ba );
Amu1 = Bu ^((~Ba)& Be );
Be = ROL32((Aga0^Da0), 18);
Bi = ROL32((Ake0^De0), 5);
Bo = ROL32((Ami1^Di1), 8);
Bu = ROL32((Aso0^Do0), 28);
Ba = ROL32((Abu1^Du1), 14);
Aga0 = Ba ^((~Be)& Bi );
Ake0 = Be ^((~Bi)& Bo );
Ami1 = Bi ^((~Bo)& Bu );
Aso0 = Bo ^((~Bu)& Ba );
Abu1 = Bu ^((~Ba)& Be );
Be = ROL32((Aga1^Da1), 18);
Bi = ROL32((Ake1^De1), 5);
Bo = ROL32((Ami0^Di0), 7);
Bu = ROL32((Aso1^Do1), 28);
Ba = ROL32((Abu0^Du0), 13);
Aga1 = Ba ^((~Be)& Bi );
Ake1 = Be ^((~Bi)& Bo );
Ami0 = Bi ^((~Bo)& Bu );
Aso1 = Bo ^((~Bu)& Ba );
Abu0 = Bu ^((~Ba)& Be );
Bo = ROL32((Ama1^Da1), 21);
Bu = ROL32((Ase0^De0), 1);
Ba = ROL32((Abi0^Di0), 31);
Be = ROL32((Ago1^Do1), 28);
Bi = ROL32((Aku1^Du1), 20);
Ama1 = Ba ^((~Be)& Bi );
Ase0 = Be ^((~Bi)& Bo );
Abi0 = Bi ^((~Bo)& Bu );
Ago1 = Bo ^((~Bu)& Ba );
Aku1 = Bu ^((~Ba)& Be );
Bo = ROL32((Ama0^Da0), 20);
Bu = ROL32((Ase1^De1), 1);
Ba = ROL32((Abi1^Di1), 31);
Be = ROL32((Ago0^Do0), 27);
Bi = ROL32((Aku0^Du0), 19);
Ama0 = Ba ^((~Be)& Bi );
Ase1 = Be ^((~Bi)& Bo );
Abi1 = Bi ^((~Bo)& Bu );
Ago0 = Bo ^((~Bu)& Ba );
Aku0 = Bu ^((~Ba)& Be );
KeccakAtoD_round1();
Ba = (Aba0^Da0);
Be = ROL32((Ame1^De0), 22);
Bi = ROL32((Agi1^Di1), 22);
Bo = ROL32((Aso1^Do1), 11);
Bu = ROL32((Aku1^Du0), 7);
Aba0 = Ba ^((~Be)& Bi );
Aba0 ^= *(pRoundConstants++);
Ame1 = Be ^((~Bi)& Bo );
Agi1 = Bi ^((~Bo)& Bu );
Aso1 = Bo ^((~Bu)& Ba );
Aku1 = Bu ^((~Ba)& Be );
Ba = (Aba1^Da1);
Be = ROL32((Ame0^De1), 22);
Bi = ROL32((Agi0^Di0), 21);
Bo = ROL32((Aso0^Do0), 10);
Bu = ROL32((Aku0^Du1), 7);
Aba1 = Ba ^((~Be)& Bi );
Aba1 ^= *(pRoundConstants++);
Ame0 = Be ^((~Bi)& Bo );
Agi0 = Bi ^((~Bo)& Bu );
Aso0 = Bo ^((~Bu)& Ba );
Aku0 = Bu ^((~Ba)& Be );
Bi = ROL32((Asa1^Da1), 2);
Bo = ROL32((Ake1^De1), 23);
Bu = ROL32((Abi1^Di1), 31);
Ba = ROL32((Amo1^Do0), 14);
Be = ROL32((Agu0^Du0), 10);
Asa1 = Ba ^((~Be)& Bi );
Ake1 = Be ^((~Bi)& Bo );
Abi1 = Bi ^((~Bo)& Bu );
Amo1 = Bo ^((~Bu)& Ba );
Agu0 = Bu ^((~Ba)& Be );
Bi = ROL32((Asa0^Da0), 1);
Bo = ROL32((Ake0^De0), 22);
Bu = ROL32((Abi0^Di0), 30);
Ba = ROL32((Amo0^Do1), 14);
Be = ROL32((Agu1^Du1), 10);
Asa0 = Ba ^((~Be)& Bi );
Ake0 = Be ^((~Bi)& Bo );
Abi0 = Bi ^((~Bo)& Bu );
Amo0 = Bo ^((~Bu)& Ba );
Agu1 = Bu ^((~Ba)& Be );
Bu = ROL32((Ama1^Da0), 9);
Ba = ROL32((Age1^De1), 1);
Be = ROL32((Asi1^Di0), 3);
Bi = ROL32((Ako0^Do1), 13);
Bo = ROL32((Abu1^Du0), 4);
Ama1 = Ba ^((~Be)& Bi );
Age1 = Be ^((~Bi)& Bo );
Asi1 = Bi ^((~Bo)& Bu );
Ako0 = Bo ^((~Bu)& Ba );
Abu1 = Bu ^((~Ba)& Be );
Bu = ROL32((Ama0^Da1), 9);
Ba = (Age0^De0);
Be = ROL32((Asi0^Di1), 3);
Bi = ROL32((Ako1^Do0), 12);
Bo = ROL32((Abu0^Du1), 4);
Ama0 = Ba ^((~Be)& Bi );
Age0 = Be ^((~Bi)& Bo );
Asi0 = Bi ^((~Bo)& Bu );
Ako1 = Bo ^((~Bu)& Ba );
Abu0 = Bu ^((~Ba)& Be );
Be = ROL32((Aka1^Da0), 18);
Bi = ROL32((Abe1^De0), 5);
Bo = ROL32((Ami0^Di1), 8);
Bu = ROL32((Ago1^Do0), 28);
Ba = ROL32((Asu1^Du1), 14);
Aka1 = Ba ^((~Be)& Bi );
Abe1 = Be ^((~Bi)& Bo );
Ami0 = Bi ^((~Bo)& Bu );
Ago1 = Bo ^((~Bu)& Ba );
Asu1 = Bu ^((~Ba)& Be );
Be = ROL32((Aka0^Da1), 18);
Bi = ROL32((Abe0^De1), 5);
Bo = ROL32((Ami1^Di0), 7);
Bu = ROL32((Ago0^Do1), 28);
Ba = ROL32((Asu0^Du0), 13);
Aka0 = Ba ^((~Be)& Bi );
Abe0 = Be ^((~Bi)& Bo );
Ami1 = Bi ^((~Bo)& Bu );
Ago0 = Bo ^((~Bu)& Ba );
Asu0 = Bu ^((~Ba)& Be );
Bo = ROL32((Aga1^Da1), 21);
Bu = ROL32((Ase0^De0), 1);
Ba = ROL32((Aki1^Di0), 31);
Be = ROL32((Abo1^Do1), 28);
Bi = ROL32((Amu1^Du1), 20);
Aga1 = Ba ^((~Be)& Bi );
Ase0 = Be ^((~Bi)& Bo );
Aki1 = Bi ^((~Bo)& Bu );
Abo1 = Bo ^((~Bu)& Ba );
Amu1 = Bu ^((~Ba)& Be );
Bo = ROL32((Aga0^Da0), 20);
Bu = ROL32((Ase1^De1), 1);
Ba = ROL32((Aki0^Di1), 31);
Be = ROL32((Abo0^Do0), 27);
Bi = ROL32((Amu0^Du0), 19);
Aga0 = Ba ^((~Be)& Bi );
Ase1 = Be ^((~Bi)& Bo );
Aki0 = Bi ^((~Bo)& Bu );
Abo0 = Bo ^((~Bu)& Ba );
Amu0 = Bu ^((~Ba)& Be );
KeccakAtoD_round2();
Ba = (Aba0^Da0);
Be = ROL32((Ake1^De0), 22);
Bi = ROL32((Asi0^Di1), 22);
Bo = ROL32((Ago0^Do1), 11);
Bu = ROL32((Amu1^Du0), 7);
Aba0 = Ba ^((~Be)& Bi );
Aba0 ^= *(pRoundConstants++);
Ake1 = Be ^((~Bi)& Bo );
Asi0 = Bi ^((~Bo)& Bu );
Ago0 = Bo ^((~Bu)& Ba );
Amu1 = Bu ^((~Ba)& Be );
Ba = (Aba1^Da1);
Be = ROL32((Ake0^De1), 22);
Bi = ROL32((Asi1^Di0), 21);
Bo = ROL32((Ago1^Do0), 10);
Bu = ROL32((Amu0^Du1), 7);
Aba1 = Ba ^((~Be)& Bi );
Aba1 ^= *(pRoundConstants++);
Ake0 = Be ^((~Bi)& Bo );
Asi1 = Bi ^((~Bo)& Bu );
Ago1 = Bo ^((~Bu)& Ba );
Amu0 = Bu ^((~Ba)& Be );
Bi = ROL32((Ama0^Da1), 2);
Bo = ROL32((Abe0^De1), 23);
Bu = ROL32((Aki0^Di1), 31);
Ba = ROL32((Aso1^Do0), 14);
Be = ROL32((Agu0^Du0), 10);
Ama0 = Ba ^((~Be)& Bi );
Abe0 = Be ^((~Bi)& Bo );
Aki0 = Bi ^((~Bo)& Bu );
Aso1 = Bo ^((~Bu)& Ba );
Agu0 = Bu ^((~Ba)& Be );
Bi = ROL32((Ama1^Da0), 1);
Bo = ROL32((Abe1^De0), 22);
Bu = ROL32((Aki1^Di0), 30);
Ba = ROL32((Aso0^Do1), 14);
Be = ROL32((Agu1^Du1), 10);
Ama1 = Ba ^((~Be)& Bi );
Abe1 = Be ^((~Bi)& Bo );
Aki1 = Bi ^((~Bo)& Bu );
Aso0 = Bo ^((~Bu)& Ba );
Agu1 = Bu ^((~Ba)& Be );
Bu = ROL32((Aga1^Da0), 9);
Ba = ROL32((Ame0^De1), 1);
Be = ROL32((Abi1^Di0), 3);
Bi = ROL32((Ako1^Do1), 13);
Bo = ROL32((Asu1^Du0), 4);
Aga1 = Ba ^((~Be)& Bi );
Ame0 = Be ^((~Bi)& Bo );
Abi1 = Bi ^((~Bo)& Bu );
Ako1 = Bo ^((~Bu)& Ba );
Asu1 = Bu ^((~Ba)& Be );
Bu = ROL32((Aga0^Da1), 9);
Ba = (Ame1^De0);
Be = ROL32((Abi0^Di1), 3);
Bi = ROL32((Ako0^Do0), 12);
Bo = ROL32((Asu0^Du1), 4);
Aga0 = Ba ^((~Be)& Bi );
Ame1 = Be ^((~Bi)& Bo );
Abi0 = Bi ^((~Bo)& Bu );
Ako0 = Bo ^((~Bu)& Ba );
Asu0 = Bu ^((~Ba)& Be );
Be = ROL32((Asa1^Da0), 18);
Bi = ROL32((Age1^De0), 5);
Bo = ROL32((Ami1^Di1), 8);
Bu = ROL32((Abo1^Do0), 28);
Ba = ROL32((Aku0^Du1), 14);
Asa1 = Ba ^((~Be)& Bi );
Age1 = Be ^((~Bi)& Bo );
Ami1 = Bi ^((~Bo)& Bu );
Abo1 = Bo ^((~Bu)& Ba );
Aku0 = Bu ^((~Ba)& Be );
Be = ROL32((Asa0^Da1), 18);
Bi = ROL32((Age0^De1), 5);
Bo = ROL32((Ami0^Di0), 7);
Bu = ROL32((Abo0^Do1), 28);
Ba = ROL32((Aku1^Du0), 13);
Asa0 = Ba ^((~Be)& Bi );
Age0 = Be ^((~Bi)& Bo );
Ami0 = Bi ^((~Bo)& Bu );
Abo0 = Bo ^((~Bu)& Ba );
Aku1 = Bu ^((~Ba)& Be );
Bo = ROL32((Aka0^Da1), 21);
Bu = ROL32((Ase0^De0), 1);
Ba = ROL32((Agi1^Di0), 31);
Be = ROL32((Amo0^Do1), 28);
Bi = ROL32((Abu0^Du1), 20);
Aka0 = Ba ^((~Be)& Bi );
Ase0 = Be ^((~Bi)& Bo );
Agi1 = Bi ^((~Bo)& Bu );
Amo0 = Bo ^((~Bu)& Ba );
Abu0 = Bu ^((~Ba)& Be );
Bo = ROL32((Aka1^Da0), 20);
Bu = ROL32((Ase1^De1), 1);
Ba = ROL32((Agi0^Di1), 31);
Be = ROL32((Amo1^Do0), 27);
Bi = ROL32((Abu1^Du0), 19);
Aka1 = Ba ^((~Be)& Bi );
Ase1 = Be ^((~Bi)& Bo );
Agi0 = Bi ^((~Bo)& Bu );
Amo1 = Bo ^((~Bu)& Ba );
Abu1 = Bu ^((~Ba)& Be );
KeccakAtoD_round3();
Ba = (Aba0^Da0);
Be = ROL32((Abe0^De0), 22);
Bi = ROL32((Abi0^Di1), 22);
Bo = ROL32((Abo0^Do1), 11);
Bu = ROL32((Abu0^Du0), 7);
Aba0 = Ba ^((~Be)& Bi );
Aba0 ^= *(pRoundConstants++);
Abe0 = Be ^((~Bi)& Bo );
Abi0 = Bi ^((~Bo)& Bu );
Abo0 = Bo ^((~Bu)& Ba );
Abu0 = Bu ^((~Ba)& Be );
Ba = (Aba1^Da1);
Be = ROL32((Abe1^De1), 22);
Bi = ROL32((Abi1^Di0), 21);
Bo = ROL32((Abo1^Do0), 10);
Bu = ROL32((Abu1^Du1), 7);
Aba1 = Ba ^((~Be)& Bi );
Aba1 ^= *(pRoundConstants++);
Abe1 = Be ^((~Bi)& Bo );
Abi1 = Bi ^((~Bo)& Bu );
Abo1 = Bo ^((~Bu)& Ba );
Abu1 = Bu ^((~Ba)& Be );
Bi = ROL32((Aga0^Da1), 2);
Bo = ROL32((Age0^De1), 23);
Bu = ROL32((Agi0^Di1), 31);
Ba = ROL32((Ago0^Do0), 14);
Be = ROL32((Agu0^Du0), 10);
Aga0 = Ba ^((~Be)& Bi );
Age0 = Be ^((~Bi)& Bo );
Agi0 = Bi ^((~Bo)& Bu );
Ago0 = Bo ^((~Bu)& Ba );
Agu0 = Bu ^((~Ba)& Be );
Bi = ROL32((Aga1^Da0), 1);
Bo = ROL32((Age1^De0), 22);
Bu = ROL32((Agi1^Di0), 30);
Ba = ROL32((Ago1^Do1), 14);
Be = ROL32((Agu1^Du1), 10);
Aga1 = Ba ^((~Be)& Bi );
Age1 = Be ^((~Bi)& Bo );
Agi1 = Bi ^((~Bo)& Bu );
Ago1 = Bo ^((~Bu)& Ba );
Agu1 = Bu ^((~Ba)& Be );
Bu = ROL32((Aka0^Da0), 9);
Ba = ROL32((Ake0^De1), 1);
Be = ROL32((Aki0^Di0), 3);
Bi = ROL32((Ako0^Do1), 13);
Bo = ROL32((Aku0^Du0), 4);
Aka0 = Ba ^((~Be)& Bi );
Ake0 = Be ^((~Bi)& Bo );
Aki0 = Bi ^((~Bo)& Bu );
Ako0 = Bo ^((~Bu)& Ba );
Aku0 = Bu ^((~Ba)& Be );
Bu = ROL32((Aka1^Da1), 9);
Ba = (Ake1^De0);
Be = ROL32((Aki1^Di1), 3);
Bi = ROL32((Ako1^Do0), 12);
Bo = ROL32((Aku1^Du1), 4);
Aka1 = Ba ^((~Be)& Bi );
Ake1 = Be ^((~Bi)& Bo );
Aki1 = Bi ^((~Bo)& Bu );
Ako1 = Bo ^((~Bu)& Ba );
Aku1 = Bu ^((~Ba)& Be );
Be = ROL32((Ama0^Da0), 18);
Bi = ROL32((Ame0^De0), 5);
Bo = ROL32((Ami0^Di1), 8);
Bu = ROL32((Amo0^Do0), 28);
Ba = ROL32((Amu0^Du1), 14);
Ama0 = Ba ^((~Be)& Bi );
Ame0 = Be ^((~Bi)& Bo );
Ami0 = Bi ^((~Bo)& Bu );
Amo0 = Bo ^((~Bu)& Ba );
Amu0 = Bu ^((~Ba)& Be );
Be = ROL32((Ama1^Da1), 18);
Bi = ROL32((Ame1^De1), 5);
Bo = ROL32((Ami1^Di0), 7);
Bu = ROL32((Amo1^Do1), 28);
Ba = ROL32((Amu1^Du0), 13);
Ama1 = Ba ^((~Be)& Bi );
Ame1 = Be ^((~Bi)& Bo );
Ami1 = Bi ^((~Bo)& Bu );
Amo1 = Bo ^((~Bu)& Ba );
Amu1 = Bu ^((~Ba)& Be );
Bo = ROL32((Asa0^Da1), 21);
Bu = ROL32((Ase0^De0), 1);
Ba = ROL32((Asi0^Di0), 31);
Be = ROL32((Aso0^Do1), 28);
Bi = ROL32((Asu0^Du1), 20);
Asa0 = Ba ^((~Be)& Bi );
Ase0 = Be ^((~Bi)& Bo );
Asi0 = Bi ^((~Bo)& Bu );
Aso0 = Bo ^((~Bu)& Ba );
Asu0 = Bu ^((~Ba)& Be );
Bo = ROL32((Asa1^Da0), 20);
Bu = ROL32((Ase1^De1), 1);
Ba = ROL32((Asi1^Di1), 31);
Be = ROL32((Aso1^Do0), 27);
Bi = ROL32((Asu1^Du0), 19);
Asa1 = Ba ^((~Be)& Bi );
Ase1 = Be ^((~Bi)& Bo );
Asi1 = Bi ^((~Bo)& Bu );
Aso1 = Bo ^((~Bu)& Ba );
Asu1 = Bu ^((~Ba)& Be );
}
while ( *pRoundConstants != 0xFF );
#undef Aba0
#undef Aba1
#undef Abe0
#undef Abe1
#undef Abi0
#undef Abi1
#undef Abo0
#undef Abo1
#undef Abu0
#undef Abu1
#undef Aga0
#undef Aga1
#undef Age0
#undef Age1
#undef Agi0
#undef Agi1
#undef Ago0
#undef Ago1
#undef Agu0
#undef Agu1
#undef Aka0
#undef Aka1
#undef Ake0
#undef Ake1
#undef Aki0
#undef Aki1
#undef Ako0
#undef Ako1
#undef Aku0
#undef Aku1
#undef Ama0
#undef Ama1
#undef Ame0
#undef Ame1
#undef Ami0
#undef Ami1
#undef Amo0
#undef Amo1
#undef Amu0
#undef Amu1
#undef Asa0
#undef Asa1
#undef Ase0
#undef Ase1
#undef Asi0
#undef Asi1
#undef Aso0
#undef Aso1
#undef Asu0
#undef Asu1
}
}
void KeccakP800_Permute_Nrounds(void *argState, unsigned int nr)
{
tSmallUInt x, y;
tKeccakLane temp;
tKeccakLane BC[5];
tKeccakLane *state;
UINT8 LFSRstate;
state = (tKeccakLane*)argState;
LFSRstate = 0x01;
for ( y = (tSmallUInt)(cKeccakNumberOfRounds - nr); y != 0; --y )
{
for( x = 1; x < 128; x <<= 1 )
{
if ((LFSRstate & 0x80) != 0)
// Primitive polynomial over GF(2): x^8+x^6+x^5+x^4+1
LFSRstate = (LFSRstate << 1) ^ 0x71;
else
LFSRstate <<= 1;
}
}
do
{
// Theta
for ( x = 0; x < 5; ++x )
{
BC[x] = state[x] ^ state[5 + x] ^ state[10 + x] ^ state[15 + x] ^ state[20 + x];
}
for ( x = 0; x < 5; ++x )
{
temp = BC[MOD5(x+4)] ^ ROL32(BC[MOD5(x+1)], 1);
for ( y = 0; y < 25; y += 5 )
{
state[y + x] ^= temp;
}
}
// Rho Pi
temp = state[1];
for ( x = 0; x < 24; ++x )
{
BC[0] = state[KeccakP800_PiLane[x]];
state[KeccakP800_PiLane[x]] = ROL32( temp, KeccakP800_RotationConstants[x] );
temp = BC[0];
}
// Chi
for ( y = 0; y < 25; y += 5 )
{
#if defined(UNROLL_CHILOOP)
BC[0] = state[y + 0];
BC[1] = state[y + 1];
BC[2] = state[y + 2];
BC[3] = state[y + 3];
BC[4] = state[y + 4];
#else
for ( x = 0; x < 5; ++x )
{
BC[x] = state[y + x];
}
#endif
for ( x = 0; x < 5; ++x )
{
state[y + x] = BC[x] ^((~BC[MOD5(x+1)]) & BC[MOD5(x+2)]);
}
}
// Iota
temp = 0;
for( x = 1; x < 128; x <<= 1 )
{
if ( x <= (sizeof(tKeccakLane)*8) )
temp ^= (tKeccakLane)(LFSRstate & 1) << (x - 1);
if ((LFSRstate & 0x80) != 0)
// Primitive polynomial over GF(2): x^8+x^6+x^5+x^4+1
LFSRstate = (LFSRstate << 1) ^ 0x71;
else
LFSRstate <<= 1;
}
state[0] ^= temp;
}
while( --nr != 0 );
}
